users@javaee-security-spec.java.net

[javaee-security-spec users] [jsr375-experts] Re: JSR 351 Identity API Status?

From: Werner Keil <werner.keil_at_gmail.com>
Date: Thu, 7 May 2015 12:15:17 +0200

Ron/all,

Looking at existing elements of JSR 351 you also highlighted like
https://identity-api-spec.java.net/nonav/1.0/apidocs/javax/security/identity/provider/AttributeProvider.html#getAttributeLookupService()
https://identity-api-spec.java.net/nonav/1.0/apidocs/javax/security/identity/provider/AttributeProvider.html#getAttributeUpdateService()

it is safe to assess, a key focus of JSR 351 in EDR stage was
"Attribute-Based Access Control" (ABAC)

Beside commercial vendors, e.g. below, standard bodies like NIST have dealt
with the matter for some time:
http://en.wikipedia.org/wiki/Attribute-based_access_control

I guess there are certainly things in 351 beneficial to the cause if the
Renewal Ballot passed and 351 was allowed to continue.

Regards,

Werner


*Gesendet:* Donnerstag, 07. Mai 2015 um 11:50 Uhr
*Von:* Axiomatics <marketing_at_axiomatics.com>
*An:* "Werner Keil" <werner_at_catmedia.us>
*Betreff:* [Infographic]: Why you should shift to Attribute-based Access
Control

Click here
<http://ma.axiomatics.com/acton/ct/10529/s-00dc-1505/Bct/q-5f6c/l-0013:6647/ct0_0/1?sid=KYkVip9hj>
to
view this message in a browser window



<http://ma.axiomatics.com/acton/ct/10529/s-00dc-1505/Bct/q-5f6c/l-0013:6647/ct1_0/1?sid=KYkVip9hj>
<http://ma.axiomatics.com/acton/ct/10529/s-00dc-1505/Bct/q-5f6c/l-0013:6647/ct2_0/1?sid=KYkVip9hj>
<http://ma.axiomatics.com/acton/ct/10529/s-00dc-1505/Bct/q-5f6c/l-0013:6647/ct3_0/1?sid=KYkVip9hj>
<http://ma.axiomatics.com/acton/ct/10529/s-00dc-1505/Bct/q-5f6c/l-0013:6647/ct4_0/1?sid=KYkVip9hj>What
can Attribute-based Access Control do for you?Check out this infographic to
ease the pain.

From the board room to the database administrator - we're all being kept up
by the threat of sensitive data getting into the wrong hands. We've all got
different reasons for this - sometimes it's compliance, sometimes it's
fraud. Whatever the driver- enterprises and government agencies alike know
that data access control is paramount to a business' data security goals.
Now, many of these organizations are making the shift to externalized
authorization and fine-grained access control.
You've probably heard about ABAC - but maybe you're overwhelmed by it. Read
on to find out how making the shift to this approach can help you meet your
IT security goals. [image: The ABAC Factor Infographic]
<http://ma.axiomatics.com/acton/ct/10529/s-00dc-1505/Bct/q-5f6c/l-0013:6647/ct5_0/1?sid=KYkVip9hj>[image:
The ABAC Factor Infographic]
<http://ma.axiomatics.com/acton/ct/10529/s-00dc-1505/Bct/q-5f6c/l-0013:6647/ct5_1/1?sid=KYkVip9hj>


Click here to opt out
<http://ma.axiomatics.com/acton/rif/10529/s-00dc-1505/-/l-0013:6647/q-5f6c/zout?sid=KYkVip9hj>

For more information about Axiomatics visit our website www.axiomatics.com
<http://ma.axiomatics.com/acton/ct/10529/s-00dc-1505/Bct/q-5f6c/l-0013:6647/ct1_1/1?sid=KYkVip9hj>
or send an email to info_at_axiomatics.com
<https://3c.gmx.net/mail/client/mail/compose/info@axiomatics.com> .
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.